Is firecrawl-mcp safe?

listed, not verified The mcp-audit verdict for firecrawl-mcp (npm), rendered from the same JSON the API serves.

Registry facts

Maintainer	Firecrawl
Verified publisher	no
Entry last verified	2026-05-02
Hash pins available	no
Repository	https://github.com/mendableai/firecrawl-mcp-server

No known CVEs recorded for this package.

Capability tags come from mcp-audit's curated registry and drive its cross-server toxic-flow analysis.

This page describes the public package. What matters is your deployment — run the full check locally:

pip install mcp-audit-scanner
mcp-audit check

![mcp-audit](https://img.shields.io/endpoint?url=https://mcp-audit.dev/v1/badge/npm/firecrawl-mcp.json)